Irish university MTU Cork has decided to close all four campuses for two days and cancel all classes due to an intrusion into its IT systems. The attack took place last weekend and would have been detected at an early stage. The university gives no details about what kind of attack it is exactly and […]
Google AI was promoted in an advert designed to show off its new AI bot (Bard). Unfortunately Bard answered a query incorrectly. On Twitter last Monday, the bot was asked about what to tell a nine-year-old about discoveries from the James Webb Space Telescope. It offered the response that the telescope was the first to […]
The Italian privacy regulator has ordered a popular AI chatbot to cease processing data on domestic citizens after breaking GDPR rules. The ‘virtual friend’ app tries to improve users’ emotional well-being and help users understand their thoughts and calm anxiety through stress management, socialization and the search for love,” but doesn’t seem to comply with […]
Privacy by Design (PbD) is about to become an international privacy standard for the protection of consumer products and services. This will have a huge impact. As a guideline, Privacy by Design applies to IT systems, accountable business practices, and physical design and networked infrastructure.
Public bodies should take into account the possible sensitive nature and large amounts of data processed by public bodies. But how to guarantee the fundamental right to the protection of personal data? The EDPB therefore underlines the need for public bodies to act in full compliance with the GDPR when using cloud-based products or services. […]
T-Mobile said a “bad actor” abused an application programming interface (API) to hoover up data on roughly 37 million current postpaid and prepaid customer accounts. The data stolen included customer name, billing address, email, phone number, date of birth, T-Mobile account number, as well as information on the number of customer lines and plan features. […]
According to a PayPal notice of security incident dated January 18, attackers got unauthorized access to the accounts of thousands of users between December 6 and 8, 2022. The total number of accounts that were accessed by threat actors using a credential stuffing attack is reported as being 34,942.
NortonLifeLock warns customers that criminals have broken into their Norton Password Manager, an online password manager, and advises that all stored credentials be changed immediately. The password manager can be used via a Norton account and can generate passwords and store them in an “online vault”. The password manager is available as a browser extension […]
Every person has the right to know to whom his or her personal data have been disclosed.A citizen requested Österreichische Post, the principal operator of postal and logistical services in Austria, to disclose to him the identity of the recipients to whom it had disclosed his personal data. The post gave petitioner only the categories […]
A zero-day vulnerability in FortiOS SSL VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations.” “The attacks entailed the exploitation of CVE-2022-42475, a heap-based buffer overflow flaw that could enable an unauthenticated remote attacker to execute arbitrary code via specifically crafted requests.”